Sandboxes
Sandboxes are isolated environments where your agents run.
What is a Sandbox?
A sandbox is a secure, isolated container that:
- Runs your agent code
- Has its own filesystem
- Has network access (egress only)
- Is completely isolated from other sandboxes
Castari uses E2B for sandbox infrastructure.
Per-Request Sandboxes
Every invocation gets a fresh sandbox:
Request 1 → Sandbox A → Response 1 → Sandbox A destroyed
Request 2 → Sandbox B → Response 2 → Sandbox B destroyed
Request 3 → Sandbox C → Response 3 → Sandbox C destroyed
- Security — No data persists between requests
- Isolation — One request can’t affect another
- Scalability — Parallel requests run in parallel sandboxes
Sandbox Lifecycle
During Deployment
- New sandbox created
- Agent code uploaded
npm install executed- Secrets injected as environment variables
- Sandbox kept warm for invocations
During Invocation
- Warm sandbox receives request
- Agent process started with prompt on stdin
- Agent executes (Claude + tools)
- Response captured from stdout
- Sandbox state reset for next request
On Redeploy
- Old sandbox destroyed
- New sandbox created with updated code
- All state from old sandbox is lost
Security Model
Isolation
Each sandbox is a separate container with:
- Own filesystem
- Own process namespace
- Own network namespace
- No access to host system
Network
| Direction | Allowed |
|---|
| Outbound (egress) | Yes — can call external APIs |
| Inbound (ingress) | No — cannot receive connections |
Filesystem
- Agents can read/write within their sandbox
- No access to other sandboxes
- State does not persist between invocations
Resource Limits
| Resource | Default Limit | Notes |
|---|
| Memory | 2 GB | Per sandbox |
| CPU | 2 cores | Shared |
| Timeout | 120 seconds | Per invocation |
| Disk | 10 GB | Ephemeral |
Need higher limits? Contact us for enterprise plans.
Preinstalled Software
Sandboxes come with:
- Node.js 20
- npm
- git
- Common utilities (curl, wget, etc.)
Debugging Sandbox Issues
Timeout Errors
If your agent times out:
- Check for infinite loops
- Optimize slow operations
- Break complex tasks into smaller steps
Out of Memory
If your agent runs out of memory:
- Process data in chunks
- Avoid loading large files entirely into memory
- Clean up resources after use
Network Errors
If external API calls fail:
- Check the API is accessible
- Verify credentials are set as secrets
- Check for rate limiting
E2B vs Other Sandboxing
Why E2B?
| Feature | E2B | Docker | Firecracker |
|---|
| Startup time | ~1s | ~5s | ~125ms |
| Isolation | Strong | Medium | Strong |
| API | Simple | Complex | Complex |
| Managed | Yes | No | No |
See Also
